Pierluigi Paganini
May 18, 2018
While a new variant of the dreaded Mirai botnet, so-called Wicked Mirai, emerged in the wild the operators of the Mirai Satori botnet appear very active. Experts observed hackers using the Satori botnet to mass-scan the Internet for exposed Ethereum mining pools, they are scanning for devices with port 3333 exposed online. The port 3333 is a port […]
Pierluigi Paganini
May 09, 2018
The macOS client for the Signal fails to properly delete disappearing messages from the recipient’s system, potentially exposing sensitive messages. Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systems” Snowden says. The Cryptographer and Professor at Johns […]
Pierluigi Paganini
May 01, 2018
Jan Koum, one of the WhatsApp founders, reportedly plans to leave the company in the wake of increasing concerns about Facebook’s approach to users’ privacy. Jan Koum, the co-founder of WhatsApp, reportedly plans to leave the company in the wake of increasing concerns about Facebook’s privacy policy. “It is time for me to move on . […]
Pierluigi Paganini
April 29, 2018
During checkout from faasos, I observed that there are several requests going to Facebook, which carries your Faasos details without user’s consent. I reported the issue to Facebook that closed my report saying: “Unfortunately what you have described is not currently covered by this program, We will follow up with you regarding any questions we may […]
Pierluigi Paganini
April 26, 2018
Checkmarx experts created a proof-of-concept Amazon Echo Skill for Alexa that instructs the device to eavesdrop on users’ conversations and then sends the transcripts to a website controlled by the attackers. The Alexa virtual assistant could be abused by attackers to spy on consumers with smart devices. Researchers at security firm Checkmarx created a proof-of-concept Amazon Echo Skill […]
Pierluigi Paganini
April 24, 2018
Researchers Paulos Yibelo explored a vulnerability he found in SaferVPN Chrome Extension. The vulnerability tracked as CVE-2018-10308 should help malicious actors to retrieve vital information such as IP addresses when a user visits a website. After my last month’s finding in Hotspot Shield, I decided to look at and audit more VPNs to see how […]
Pierluigi Paganini
April 21, 2018
Security experts at 360 Core Security have recently detected a new type of attack which targets some equihash mining pools. After analysis, they found out the attacked equihash mining pools are using a vulnerable equihash verifier (equihashverify : https://github.com/joshuayabut/equihashverify) to verify miners’ shares. There is a logic vulnerability in this verifier, so attacker can easily fake […]
Pierluigi Paganini
April 19, 2018
The private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. Oops … another data breach made the headlines and once again it was discovered by data leak hunters at Upguard. The private intelligence agency LocalBlox has left unsecured online an AWS […]
Pierluigi Paganini
April 18, 2018
Facebook explained how it is tracking Non-Users across the Internet and for which purposes it is using their metadata. Facebook is still in the middle of a storm for its conduct and the way it approached the privacy of its users after the Cambridge Analytica case. Now Facebook is under scrutiny after Zuckerberg testified in front […]
Pierluigi Paganini
April 16, 2018
Multiple vulnerabilities in the SecureRandom() function expose Bitcoin web wallet addresses generated by the flawed library to brute-force attacks. Old Bitcoin web wallet addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic vulnerability that could be exploited b attackers to steal funds. According to the experts, the popular […]
Security / January 23, 2026
